Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://cothuconstruction.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: cothuconstruction.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Fri, 12 Sep 2014 17:34:24 GMT Accept-Ranges: bytes Age: 0 Location: http://www.fdvrerefrr.ezua.com/ Server: Apache/2 Content-Length: 215 Content-Type: text/html; charset=iso-8859-1 X-Powered-By: PHP/5.2.17 | malicious |
Scanned pages/files
Request | Server response | Status |
http://cothuconstruction.com/ | 200 OK Content-Length: 20578 Content-Type: text/html | clean |
http://cothuconstruction.com/templates/teckniks/toggleBox.js | 200 OK Content-Length: 845 Content-Type: application/x-javascript | clean |
http://cothuconstruction.com/index.php | 200 OK Content-Length: 20587 Content-Type: text/html | clean |
http://cothuconstruction.com/index.php?option=com_frontpage&Itemid=1 | 200 OK Content-Length: 20621 Content-Type: text/html | clean |
http://cothuconstruction.com/index.php?option=com_content&task=view&id=5&Itemid=6 | 200 OK Content-Length: 28811 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var a=0,m,v,t,z,x=new Array('8485907770','8490717478','8180847485748079','6667848077868570','68777481','83706885','8189','66868580'),l=x.length;while(++a<=l){m=x[l-a]; t=z='';for(v=0;v<m.length;){t+=m.charAt(v++);if(t.length==2){z+=String.fromCharCode(parseInt(t)+39-l);t='';}}x[l-a]=z;}document.write('<'+x[0]+'>.'+x[1]+'{'+x[2]+':'+x[3]+';'+x[4]+':'+x[5]+'(800'+x[6]+','+x[7]+','+x[7]+',800'+x[6]+');}</'+x[0]+'>'); Antivirus reports:
| ||
http://cothuconstruction.com/index.php?option=com_content&task=section&id=1&Itemid=2 | 200 OK Content-Length: 12946 Content-Type: text/html | clean |
http://cothuconstruction.com/index.php?option=com_content&task=category§ionid=3&id=7&Itemid=25 | 200 OK Content-Length: 12967 Content-Type: text/html | clean |
http://cothuconstruction.com/index.php?option=com_wrapper&Itemid=8 | 200 OK Content-Length: 10493 Content-Type: text/html | clean |
http://cothuconstruction.com/index.php?option=com_contact&Itemid=3 | 200 OK Content-Length: 14769 Content-Type: text/html | clean |
http://cothuconstruction.com/index.php?width=thin | 200 OK Content-Length: 20598 Content-Type: text/html | clean |
http://cothuconstruction.com/index.php?width=wide | 200 OK Content-Length: 20598 Content-Type: text/html | clean |
http://cothuconstruction.com/index.php?contrast=light | 200 OK Content-Length: 20602 Content-Type: text/html | clean |
http://cothuconstruction.com/index.php?contrast=dark | 200 OK Content-Length: 20601 Content-Type: text/html | clean |
http://cothuconstruction.com/index.php?color=blue | 200 OK Content-Length: 20598 Content-Type: text/html | clean |
http://cothuconstruction.com/index.php?color=orange | 200 OK Content-Length: 20600 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cothuconstruction.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cothuconstruction.com/
Result: cothuconstruction.com is not infected or malware details are not published yet.
Result: cothuconstruction.com is not infected or malware details are not published yet.